www.gusucode.com > 艺帆全站DIV+CSS体育用品公司网站源码 1.7.5源码程序 > add_book/add_book_pass.asp
<!--#include file="../Conn.asp" -->
<%function Replace_Text(fString)
if isnull(fString) then
Replace_Text=""
exit function
else
fString=trim(fString)
fString=replace(fString,"'","''")
fString=replace(fString,";",";")
fString=replace(fString,"--","—")
fString=server.htmlencode(fString)
Replace_Text=fString
end if
end function
%>
<%
set rs=server.createobject("adodb.recordset")
sql="select * from ly"
rs.open sql,conn,1,3
title=Replace_Text(request.form("title"))
body=Replace_Text(request.form("body"))
name=Replace_Text(request.form("name"))
qq=Replace_Text(request.form("qq"))
mail=Replace_Text(request.form("mail"))
tel=Replace_Text(request.form("tel"))
sh=Replace_Text(request.form("sh"))
VerifyCode=request.form("VerifyCode")
if title="" then
response.Write("<script language=javascript>alert('留言标题不能为空!');history.go(-1)</script>")
response.end
end if
if VerifyCode="" then
response.Write("<script language=javascript>alert('验证码不能为空!');history.go(-1)</script>")
response.end
end if
if cstr(Session("firstecode"))<>cstr(Request.Form("VerifyCode")) then
response.Write("<script language=javascript>alert('验证码错误!');history.go(-1)</script>")
response.End
end if
if name="" then
response.Write("<script language=javascript>alert('姓名不能为空!');history.go(-1)</script>")
response.end
end if
if tel="" then
response.Write("<script language=javascript>alert('联系电话不能为空!');history.go(-1)</script>")
response.end
end if
IF sh="" or not isNumeric(request("sh")) then
response.write("<script>alert(""警告!请勿尝试外部提交数据!""); history.go(-1);</script>")
response.end
end if
if body="" then
response.Write("<script language=javascript>alert('内容不能为空!');history.go(-1)</script>")
response.end
end if
rs.addnew
rs("title")=title
rs("body")=body
rs("name")=name
rs("qq")=qq
rs("mail")=mail
rs("tel")=tel
rs("sh")=sh
rs.update
rs.close
set rs=nothing
conn.close
set rs=nothing
Response.Write "<script>alert('留言提交成功!');window.location.href='../book/?1-1.html';</script>"
%>